After some experimenting with:
(a) The Thunderbird client
(b) The Linux command as client:
% openssl s_client -connect dovecot-server:imaps
I have arrived to a preliminary conclusion. The error that I am getting is this:
dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42
It seems that the server certificate from the box is fine. I am guessing that the problem is that Dovecot asks for an SSL certificate that the Thunderbird client is not prepared to produce. I don't believe Thunderbird provides such capability (??).
If that is the case, how do I configure Dovecot to not ask for a client certificate?
Thanks,
Raymond
ps: If I am correct, the error message would be more informative as follows: "ssl3_read_bytes:sslv3 alert bad _*client*_ certificate".
On 11/9/2020 11:42 PM, Raymond Herrera wrote:
The E-mail client is Thunderbird on Windows.
I am preparing a new server, with Dovecot 2.2.36 and would like to know the currently recommended protocols. Should I stick to what I have? I would prefer to start with the easiest configuration possible, which I will revise later.
This is the command that I have been using to verify the server's functionality:
TIA